From 7aae6c90452c1e9bcae78a5e948f381c1165010a Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 23 Nov 2019 22:21:47 +0100 Subject: use CONFLICT for double spending to distinguish properly from FORBIDDEN for bad signatures --- src/lib/auditor_api_deposit_confirmation.c | 2 +- src/lib/exchange_api_deposit.c | 4 ++-- src/lib/exchange_api_payback.c | 4 ++-- src/lib/exchange_api_refresh.c | 16 ++++++++-------- src/lib/exchange_api_refund.c | 2 +- src/lib/exchange_api_reserve.c | 6 +++--- src/lib/exchange_api_track_transaction.c | 2 +- src/lib/exchange_api_track_transfer.c | 2 +- 8 files changed, 19 insertions(+), 19 deletions(-) (limited to 'src/lib') diff --git a/src/lib/auditor_api_deposit_confirmation.c b/src/lib/auditor_api_deposit_confirmation.c index f221b7fd7..73173cc31 100644 --- a/src/lib/auditor_api_deposit_confirmation.c +++ b/src/lib/auditor_api_deposit_confirmation.c @@ -99,7 +99,7 @@ handle_deposit_confirmation_finished (void *cls, /* This should never happen, either us or the auditor is buggy (or API version conflict); just pass JSON reply to the application */ break; - case MHD_HTTP_UNAUTHORIZED: + case MHD_HTTP_FORBIDDEN: /* Nothing really to verify, auditor says one of the signatures is invalid; as we checked them, this should never happen, we should pass the JSON reply to the application */ diff --git a/src/lib/exchange_api_deposit.c b/src/lib/exchange_api_deposit.c index 48f9a06bb..30bb6c976 100644 --- a/src/lib/exchange_api_deposit.c +++ b/src/lib/exchange_api_deposit.c @@ -325,7 +325,7 @@ handle_deposit_finished (void *cls, /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ break; - case MHD_HTTP_FORBIDDEN: + case MHD_HTTP_CONFLICT: /* Double spending; check signatures on transaction history */ if (GNUNET_OK != verify_deposit_signature_forbidden (dh, @@ -335,7 +335,7 @@ handle_deposit_finished (void *cls, response_code = 0; } break; - case MHD_HTTP_UNAUTHORIZED: + case MHD_HTTP_FORBIDDEN: /* Nothing really to verify, exchange says one of the signatures is invalid; as we checked them, this should never happen, we should pass the JSON reply to the application */ diff --git a/src/lib/exchange_api_payback.c b/src/lib/exchange_api_payback.c index 912548cfe..f9df27e7a 100644 --- a/src/lib/exchange_api_payback.c +++ b/src/lib/exchange_api_payback.c @@ -226,7 +226,7 @@ handle_payback_finished (void *cls, /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ break; - case MHD_HTTP_FORBIDDEN: + case MHD_HTTP_CONFLICT: { /* Insufficient funds, proof attached */ json_t *history; @@ -256,7 +256,7 @@ handle_payback_finished (void *cls, TALER_EXCHANGE_payback_cancel (ph); return; } - case MHD_HTTP_UNAUTHORIZED: + case MHD_HTTP_FORBIDDEN: /* Nothing really to verify, exchange says one of the signatures is invalid; as we checked them, this should never happen, we should pass the JSON reply to the application */ diff --git a/src/lib/exchange_api_refresh.c b/src/lib/exchange_api_refresh.c index db3692bcd..a75baec86 100644 --- a/src/lib/exchange_api_refresh.c +++ b/src/lib/exchange_api_refresh.c @@ -939,7 +939,7 @@ verify_refresh_melt_signature_ok (struct TALER_EXCHANGE_RefreshMeltHandle *rmh, /** - * Verify that the signatures on the "403 FORBIDDEN" response from the + * Verify that the signatures on the "409 CONFLICT" response from the * exchange demonstrating customer double-spending are valid. * * @param rmh melt handle @@ -947,9 +947,9 @@ verify_refresh_melt_signature_ok (struct TALER_EXCHANGE_RefreshMeltHandle *rmh, * @return #GNUNET_OK if the signature(s) is valid, #GNUNET_SYSERR if not */ static int -verify_refresh_melt_signature_forbidden (struct - TALER_EXCHANGE_RefreshMeltHandle *rmh, - const json_t *json) +verify_refresh_melt_signature_conflict (struct + TALER_EXCHANGE_RefreshMeltHandle *rmh, + const json_t *json) { json_t *history; struct TALER_Amount original_value; @@ -1083,17 +1083,17 @@ handle_refresh_melt_finished (void *cls, /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ break; - case MHD_HTTP_FORBIDDEN: + case MHD_HTTP_CONFLICT: /* Double spending; check signatures on transaction history */ if (GNUNET_OK != - verify_refresh_melt_signature_forbidden (rmh, - j)) + verify_refresh_melt_signature_conflict (rmh, + j)) { GNUNET_break_op (0); response_code = 0; } break; - case MHD_HTTP_UNAUTHORIZED: + case MHD_HTTP_FORBIDDEN: /* Nothing really to verify, exchange says one of the signatures is invalid; assuming we checked them, this should never happen, we should pass the JSON reply to the application */ diff --git a/src/lib/exchange_api_refund.c b/src/lib/exchange_api_refund.c index e8ae6b74a..b8c422e88 100644 --- a/src/lib/exchange_api_refund.c +++ b/src/lib/exchange_api_refund.c @@ -169,7 +169,7 @@ handle_refund_finished (void *cls, /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ break; - case MHD_HTTP_UNAUTHORIZED: + case MHD_HTTP_FORBIDDEN: /* Nothing really to verify, exchange says one of the signatures is invalid; as we checked them, this should never happen, we should pass the JSON reply to the application */ diff --git a/src/lib/exchange_api_reserve.c b/src/lib/exchange_api_reserve.c index a57d4e9dc..2c62cac20 100644 --- a/src/lib/exchange_api_reserve.c +++ b/src/lib/exchange_api_reserve.c @@ -797,7 +797,7 @@ reserve_withdraw_ok (struct TALER_EXCHANGE_ReserveWithdrawHandle *wsh, /** - * We got a 403 FORBIDDEN response for the /reserve/withdraw operation. + * We got a 409 CONFLICT response for the /reserve/withdraw operation. * Check the signatures on the withdraw transactions in the provided * history and that the balances add up. We don't do anything directly * with the information, as the JSON will be returned to the application. @@ -941,7 +941,7 @@ handle_reserve_withdraw_finished (void *cls, /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ break; - case MHD_HTTP_FORBIDDEN: + case MHD_HTTP_CONFLICT: /* The exchange says that the reserve has insufficient funds; check the signatures in the history... */ if (GNUNET_OK != @@ -952,7 +952,7 @@ handle_reserve_withdraw_finished (void *cls, response_code = 0; } break; - case MHD_HTTP_UNAUTHORIZED: + case MHD_HTTP_FORBIDDEN: GNUNET_break (0); /* Nothing really to verify, exchange says one of the signatures is invalid; as we checked them, this should never happen, we diff --git a/src/lib/exchange_api_track_transaction.c b/src/lib/exchange_api_track_transaction.c index 29b85facf..de3f98b65 100644 --- a/src/lib/exchange_api_track_transaction.c +++ b/src/lib/exchange_api_track_transaction.c @@ -217,7 +217,7 @@ handle_deposit_wtid_finished (void *cls, /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ break; - case MHD_HTTP_UNAUTHORIZED: + case MHD_HTTP_FORBIDDEN: /* Nothing really to verify, exchange says one of the signatures is invalid; as we checked them, this should never happen, we should pass the JSON reply to the application */ diff --git a/src/lib/exchange_api_track_transfer.c b/src/lib/exchange_api_track_transfer.c index 419998a2c..2c90bf199 100644 --- a/src/lib/exchange_api_track_transfer.c +++ b/src/lib/exchange_api_track_transfer.c @@ -279,7 +279,7 @@ handle_track_transfer_finished (void *cls, /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ break; - case MHD_HTTP_UNAUTHORIZED: + case MHD_HTTP_FORBIDDEN: /* Nothing really to verify, exchange says one of the signatures is invalid; as we checked them, this should never happen, we should pass the JSON reply to the application */ -- cgit v1.2.3